Jingfang Liu
5604a15024
update staging Godeps and import restrictions
2018-11-26 11:03:00 -08:00
Jingfang Liu
09855d31db
copy kustomize/k8sdeps into cli-runtime
2018-11-26 11:01:56 -08:00
Jordan Liggitt
f199f3d5a3
Set deadline for returning backend error
2018-11-26 09:15:13 -05:00
Dr. Stefan Schimanski
a00d08610f
apiserver: set klog as etcdclient logger
2018-11-26 11:46:04 +01:00
Jordan Liggitt
b84e3dd6f8
Verify backend upgraded connection
2018-11-25 14:25:38 -05:00
David Eads
541f036a49
only update the apiservice status if the status has changed
2018-11-21 16:28:45 -05:00
k8s-ci-robot
2b0212de9c
Merge pull request #71206 from stlaz/enc_config_opt
...
Rename '--experimental-encryption-provider-config' to '--encryption-provider-config'
2018-11-21 11:30:12 -08:00
Jordan Liggitt
2498ca7606
drop VerifyFeatureGatesUnchanged
2018-11-21 11:51:33 -05:00
Jordan Liggitt
d440ecdd3b
Update non-test code to use DefaultMutableFeatureGate
2018-11-21 11:51:33 -05:00
Jordan Liggitt
1d6db5924f
Tighten feature gate interface to split out mutating methods
2018-11-21 11:51:32 -05:00
k8s-ci-robot
3d5998edcd
Merge pull request #71298 from stewart-yu/stewart-controller-manager-flags
...
add missing flags in *-controller-manager --help
2018-11-21 05:58:20 -08:00
Jay Lim
10dd5d6631
*-controller-manager: fix missing global flags for --help
2018-11-21 17:39:14 +08:00
Christoph Blecker
c7d3951927
Update github.com/json-iterator/go to 1.1.4
2018-11-20 18:13:01 -08:00
Dr. Stefan Schimanski
52b1718a63
unstructured: return not-found if intermediate path is not found
2018-11-20 17:21:52 +01:00
zhangyue
596a20ca8a
fix typo: namspace -> namespace
...
Signed-off-by: zhangyue <zy675793960@yeah.net >
2018-11-20 21:47:27 +08:00
knarfeh
e03e90e2bd
Add doc.go imports for staging/src/k8s.io/pkg/apis/meta
2018-11-20 12:16:51 +08:00
Sergei Orlov
21c1bb8830
kubeapiserver: rename '--experimental-encryption-provider-config' to '--encryption-provider-config'.
...
This change renames the '--experimental-encryption-provider-config'
flag to '--encryption-provider-config'. The old flag is accepted but
generates a warning.
In 1.14, we will drop support for '--experimental-encryption-provider-config'
entirely.
Co-authored-by: Stanislav Laznicka <slaznick@redhat.com >
2018-11-19 16:34:09 +01:00
Jan Safranek
0c4b89fad6
Fix typo
2018-11-19 15:28:14 +01:00
Jan Safranek
787611a614
Refactor status PrepareForUpdate into standalone method
...
Someone else might find reseting metadata fields useful.
2018-11-19 14:46:06 +01:00
k8s-ci-robot
7ba79c3183
Merge pull request #71128 from yue9944882/chore/add-reviewer
...
Add yue9944882 to CRD/CR apiserver reviewer
2018-11-18 14:14:17 -08:00
Yang Li
8dc9619d44
Call cancel functions to avoid context leaks
2018-11-18 17:40:35 +08:00
Yang Li
267425667f
Fix unreachable code
2018-11-18 04:16:25 +08:00
Clayton Coleman
486577df17
Restore "Make bootstrap client cert loading part of rotation""
...
This reverts the revert of commit 3464222267
2018-11-17 13:44:58 -05:00
Clayton Coleman
3464222267
Revert "Make bootstrap client cert loading part of rotation"
...
This reverts commit 0af19875adde293b2d7d
2018-11-17 10:24:39 -05:00
k8s-ci-robot
46ebebcc4f
Merge pull request #65763 from x13n/audit-logging
...
Add option to k8s apiserver to reject incoming requests upon audit failure
2018-11-17 04:39:56 -08:00
k8s-ci-robot
3be3510814
Merge pull request #69890 from smarterclayton/bootstrap_retry
...
Make bootstrap client cert loading part of rotation
2018-11-16 22:46:33 -08:00
k8s-ci-robot
ec2e767e59
Merge pull request #71167 from msau42/block-beta
...
Promote raw block volume support to beta
2018-11-16 20:28:03 -08:00
k8s-ci-robot
f38cc95505
Merge pull request #62692 from mikedanese/trev2
...
authn: extend authenticator.Token to support audience validation
2018-11-16 20:27:25 -08:00
Clayton Coleman
de293b2d7d
Ensure the bootstrap rotation code is tested by forcing rotation
...
Expose both a Stop() method (for cleanup) and a method to force
cert rotation, but only expose Stop() on the interface.
Verify that we choose the correct client.
2018-11-16 21:50:52 -05:00
Clayton Coleman
0af19875ad
Make bootstrap client cert loading part of rotation
...
Ensure that bootstrap+clientcert-rotation in the Kubelet can:
1. happen in the background so that static pods aren't blocked by bootstrap
2. collapse down to a single call path for requesting a CSR
3. reorganize the code to allow future flexibility in retrieving bootstrap creds
Fetching the first certificate and later certificates when the kubelet
is using client rotation and bootstrapping should share the same code
path. We also want to start the Kubelet static pod loop before
bootstrapping completes. Finally, we want to take an incremental step
towards improving how the bootstrap credentials are loaded from disk
(potentially allowing for a CLI call to get credentials, or a remote
plugin that better integrates with cloud providers or KSMs).
Reorganize how the kubelet client config is determined. If rotation is
off, simplify the code path. If rotation is on, load the config
from disk, and then pass that into the cert manager. The cert manager
creates a client each time it tries to request a new cert.
Preserve existing behavior where:
1. bootstrap kubeconfig is used if the current kubeconfig is invalid/expired
2. we create the kubeconfig file based on the bootstrap kubeconfig, pointing to
the location that new client certs will be placed
3. the newest client cert is used once it has been loaded
2018-11-16 21:50:26 -05:00
k8s-ci-robot
39c8219999
Merge pull request #71158 from liggitt/revert-openapi-publish
...
Revert openapi publish
2018-11-16 18:22:43 -08:00
k8s-ci-robot
1e22f080ec
Merge pull request #67383 from stlaz/enc_config_promotion
...
Introduce apiserver.config.k8s.io/v1 and use standard method for parsing encryption config file
2018-11-16 16:31:30 -08:00
Mike Danese
effad15ecc
patch webhook authenticator to support token review with arbitrary audiences
2018-11-16 19:30:42 -05:00
Mike Danese
162699ca30
autogenerated
2018-11-16 17:54:33 -05:00
Mike Danese
04837fdef1
authn: add Audiences to TokenReview
2018-11-16 17:54:33 -05:00
Jordan Liggitt
8799eb4e2e
Revert "Merge pull request #67205 from roycaihw/crd-openapi-spec"
...
This reverts commit 54ee58b2d69e2820e4c9
2018-11-16 16:36:24 -05:00
Jordan Liggitt
ad2b916d7c
Revert "Merge pull request #71137 from sttts/sttts-crd-openapi-spec-recursive-v2-prune"
...
This reverts commit 3ea3cfc3befab7009997
2018-11-16 16:36:04 -05:00
k8s-ci-robot
3ea3cfc3be
Merge pull request #71137 from sttts/sttts-crd-openapi-spec-recursive-v2-prune
...
apiextensions: prune {any,one}Of + Not recursively on OpenAPI v2 conversion
2018-11-16 13:20:25 -08:00
k8s-ci-robot
c418e2a04f
Merge pull request #71120 from WanLinghao/audit_log_fix
...
fix a description error in DynamicAuditing feature
2018-11-16 13:20:07 -08:00
k8s-ci-robot
9878253c3c
Merge pull request #70998 from deads2k/client-07-listwatchtimeout
...
update the client generator to set a client-side timeout
2018-11-16 13:19:57 -08:00
Matthew Wong
7a6acefd21
Generate code for BlockVolume beta promotion
2018-11-16 13:38:59 -05:00
Matthew Wong
2ff98f7832
Promote BlockVolume to beta
2018-11-16 13:38:59 -05:00
WanLinghao
84aa00c03d
fix a description error in DynamicAuditing feature
2018-11-17 01:49:02 +08:00
Dr. Stefan Schimanski
0d9a022533
apiextensions: prune {any,one}Of + Not recursively on OpenAPI v2 conversion
2018-11-16 18:42:01 +01:00
David Eads
8f7edec615
generated
2018-11-16 12:41:17 -05:00
David Eads
493bc79c04
update client generator for local timeout
2018-11-16 11:43:37 -05:00
Jordan Liggitt
248d661327
Add tests to ensure storage feature gate changes don't escape packages
2018-11-16 10:52:53 -05:00
k8s-ci-robot
f1e4ec8e48
Merge pull request #71076 from liggitt/preserve-stack
...
Propagate panics up handler chain
2018-11-16 05:13:09 -08:00
k8s-ci-robot
54ee58b2d6
Merge pull request #67205 from roycaihw/crd-openapi-spec
...
Serve OpenAPI spec for registered CRDs
2018-11-16 05:12:41 -08:00
zuoxiu.jm
af505dcd14
add reviewer
2018-11-16 20:12:28 +08:00
